Microsoft to patch software driver vulnerability

Microsoft has warned that a faulty driver used for copy protection could allow a hacker to gain high-level access to a PC.

Jeremy Kirk
November 6, 2007

Share

Twitter

Facebook

LinkedIn

Microsoft has warned that a faulty driver used for copy protection could allow a hacker to gain high-level access to a PC.

The problem lies with a driver called secdrv.sys, which is part Macrovision's SafeDisc software included with Windows Server 2003 and Windows XP. The software, which can block unauthorised copying of some media, also ships with Windows Vista, but that OS is not affected.

Microsoft said it knows of "limited attacks" that try to use the vulnerability, in an attack known as an elevation of privilege. The vulnerability could allow a hacker with local access to a machine to elevate his access rights and gain administrator rights, for example, allowing him to install software.

Microsoft said it was concerned that the vulnerability had been disclosed before it had a chance to fix it, which puts people at greater risk. "We continue to encourage responsible disclosure of vulnerabilities," it said.

Danish security vendor Secunia said the vulnerability was first reported as a zero-day about two weeks ago, meaning the problem was being exploited by hackers as it became known. The company rated the vulnerability as "less critical," its second lowest risk ranking for a vulnerability.